Information processing apparatus and information processing method

ABSTRACT

An apparatus includes a first processing unit to judge, whether the route information storing unit stores a second next destination address; a second processing unit to judge whether a received packet includes an message authentication code, in the case where the route-information storing unit stores the second next destination address; a third processing unit to judge whether the key-information storing unit stores a second shared key, which is a first shared key shared between the information processing apparatus, in the case where the received packet does not include the message authentication code for the second next destination address; a third packet generating unit to generate a third packet, which includes a next destination and information indicating that the generation of an message authentication code is impossible, in the case where the key information storing unit does not store the second shared key.

CROSS-REFERENCE TO RELATED APPLICATION

This application is based upon and claims the benefit of priority fromJapanese Patent Application No. P2011-065267, filed on Mar. 24, 2011;the entire contents of which are incorporated herein by reference.

FIELD

Embodiments of the invention relate to a technology to relay data.

BACKGROUND

Authentication information (massage authentication code) termed asmessage authentication code (MAC) is commonly used to authenticatepackets transferred between terminal apparatuses over a network. When apacket is transferred from a source apparatus to a destination apparatusvia multiple relaying apparatuses located along the packet transferroute, the source apparatus transmits the packet with attachment ofmultiple MACs (message authentication codes) that correspondrespectively to the multiple relaying apparatuses along the route. Theattachment of the MACs to the packet enables the relaying apparatuses toverify the packet in turn.

The use of a MAC-authentication technique makes it possible to preventany evil-minded attacker from gaining unauthorized access to theterminal apparatuses via the multiple relaying apparatuses located alongthe communication route. In addition, the use of the MAC-authenticationtechnique also makes it possible to detect a fraudulent tampering of apacket.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram illustrating an example of a system where aninformation processing apparatus of an embodiment is used.

FIG. 2 is a diagram illustrating a configuration of a first embodiment.

FIG. 3 is a diagram illustrating an example of route information of thefirst embodiment.

FIG. 4 is a diagram illustrating an example of key information of thefirst embodiment.

FIG. 5 is a flowchart showing an operational flow of the firstembodiment.

FIG. 6 is the other flowchart showing the operational flow of the firstembodiment.

FIG. 7 is a diagram of an example of the first embodiment.

FIG. 8 is a diagram illustrating a configuration of a second embodiment.

FIG. 9 is a flowchart showing an operational flow of the secondembodiment,

FIG. 10 is a flowchart showing the operational flow of the secondembodiment.

FIG. 11 is a diagram illustrating an example of the operations of thesecond embodiment.

FIG. 12 is a diagram illustrating a modification of the operations ofthe second embodiment.

DETAILED DESCRIPTION

The relaying apparatuses located along the communication routes fail, insome cases, to forward the packet with attachment of the multiple MACs(message authentication codes), because of bad connection conditions ofthe network or other reasons.

In addition, the more relaying apparatuses a packet needs to passthrough until reaching the destination, the more MACs (messageauthentication codes) are attached to the packet. This causes asignificant negative influence on the network and the relayingapparatuses from the view point of communication efficiency.

An aspect of one embodiment has been made in view of the abovecircumstance. An object of one aspect of the embodiment is to reduce thenumber of the MACs (message authentication codes) to be attached to apacket when the transfer of the packet with the attachment of the MACs(message authentication codes) fails between relaying apparatuses.

An information processing apparatus of a first aspect of the presentembodiment includes a receiving unit configured to receive a firstpacket sent from a first apparatus, the first packet including data andan ultimate-destination address representing address information of anultimate destination; a route-information storing unit configured tostore the ultimate-destination address and a first next destinationaddress representing address information of a next forwardingdestination, the stored ultimate-destination address and first nextdestination address associated with each other; a route-informationchecking unit configured to check, on the received ultimate-destinationaddress, whether or not the route-information storing unit stores asecond next destination address which is a first next destinationaddress not having been sent yet; a second processing unit configured tojudge, on the basis of the first packet and the second next destinationaddress, whether or not the first packet further includes an messageauthentication code corresponding to the second next destinationaddress, the second processing unit performing the judgment if theroute-information storing unit stores the second next destinationaddress; a key-information storing unit configured to store a firstshared key, which is a key shared between the information processingapparatus of its own and a different information processing apparatus; afirst-packet generating unit configured to generate a first packet on abasis of the first packet and the second next destination address if thefirst packet includes the message authentication code corresponding tothe second next destination address; a third processing unit configuredto judge whether or not the key-information storing unit stores a secondshared key, which is a first shared key shared between the informationprocessing apparatus of its own and an information processing apparatuscorresponding to the second next destination address, the thirdprocessing unit performing the judgment if the received packet does notinclude the message authentication code corresponding to the second nextdestination address; an message authentication code generating unitconfigured to generate a first message authentication code on a basis ofthe data and the second shared key if the key-information storing unitstores the second shared key; a second-packet generating unit configuredto generate a second packet including the ultimate-destination address,the data, and the first message authentication code; a third-packetgenerating unit configured to generate a third packet, which includes anext destination and information indicating that the generation of anmessage authentication code is impossible, if the key-informationstoring unit does not store the second shared key; and a transmittingunit configured to transmit any one of the first packet, the secondpacket, and the third packet.

Another aspect of the embodiment includes a receiving unit configured toreceive a first packet sent from a first apparatus, the first packetincluding data, an message authentication code, and anultimate-destination address representing address information of anultimate destination; an message authentication code verifying unitconfigured to verify whether or not the received packet includes aproper message authentication code; a transfer-control informationprocessing unit configured to change a value set in transfer-controlinformation by a predetermined method if, as a result of theverification, the received packet includes the proper messageauthentication code; a route-information storing unit configured tostore the ultimate-destination address and a first next destinationaddress representing address information of a next forwardingdestination, the stored ultimate-destination address and first nextdestination address associated with each other; a first processing unitconfigured to judge, on the basis of the received ultimate-destinationaddress, whether or not the route-information storing unit stores asecond next destination address, which is the first next destinationaddress to which transmission can be directed; a second processing unitconfigured to judge, on the basis of the first packet and the secondnext destination address, whether or not the first packet furtherincludes an message authentication code corresponding to the second nextdestination address, the second processing unit performing the judgmentif the route-information storing unit stores the second next destinationaddress; a key-information storing unit configured to store a firstshared key, which is a key shared between the information processingapparatus of its own and a different information processing apparatus; afirst-packet generating unit configured to generate a first packet on abasis of the first packet and the second next destination address if thereceived packet includes the message authentication code correspondingto the second next destination address; a third processing unitconfigured to judge whether or not the key-information storing unitstores a second shared key, which is a first shared key shared betweenthe information processing apparatus of its own and another informationprocessing apparatus corresponding to the second next destinationaddress, the third processing unit performing the judgment if the firstpacket does not include the message authentication code corresponding tothe second next destination address; an message authentication codegenerating unit configured to generate a first message authenticationcode on a basis of the data and the first shared key if thekey-information storing unit stores the second shared key; asecond-packet generating unit configured to generate a second packetincluding the ultimate-destination address, the data, and the firstmessage authentication code; a third-packet generating unit configuredto generate a third packet, which includes a next destination andinformation indicating that the generation of an message authenticationcode is impossible, if the key-information storing unit does not storesthe first shared key; and a transmitting unit configured to transmit thefirst packet, the second packet or the third packet.

First Embodiment

A first embodiment of the invention will be described in detail below byreferring to the drawings.

FIG. 1 is a diagram illustrating an example of a configuration of acommunication network where an information processing apparatus of anembodiment of the invention is used. The following description will begiven for this embodiment by showing a relaying apparatus as an exampleof the information processing apparatus is a relaying apparatus.

The communication network includes transmitting apparatuses (11 a, . . .), multiple relaying apparatuses (10 a to 10 f), and receivingapparatuses (12 a, 12 b, . . . ). The transmitting apparatus 11 a islinked to the relaying apparatuses (10 a to 10 f). The transmittingapparatus 11 a sends a packet to the relaying apparatuses (10 a to 101)while designating the receiving apparatus 12 a as the ultimatedestination.

Each of the relaying apparatuses (10 a to 100 is connected to: one ormore transmitting apparatuses and one or more other relayingapparatuses; one or more other relaying apparatuses; or one or moreother relaying apparatuses and one or more receiving apparatuses. One ofthe relaying apparatuses (10 a to 10 f) included in this communicationnetwork is connected to multiple other relaying apparatuses. Eachrelaying apparatus receives packets, and sends the received packets toeither another relaying apparatus or a receiving apparatus. Eachreceiving apparatus receives packets.

FIG. 2 is a diagram illustrating an example of a configuration of aninformation processing apparatus (a relaying apparatus in this case) ofthis embodiment of the invention.

Each relaying apparatus 10 includes a receiving unit 101, an messageauthentication code verifying unit 104, a route-information storing unit102, a first processing unit 105 (route-information extracting unit), asecond processing unit 106, a key-information storing unit 103, a thirdprocessing unit 107, an message authentication code generating unit 109,a first-packet generating unit 108, a second-packet generating unit 110,a third-packet generating unit 111, and a transmitting unit 112.

The receiving unit 101 receives a packet (S1 packet) sent by either atransmitting apparatus or a different relaying apparatus. In thisrespect, the transmitting apparatus or the different relaying apparatusthat sends the packet (S1 packet) to the relaying apparatus will bereferred to as a “previous source apparatus.” The receiving unit 101passes the received packet (S1 packet) to the message authenticationcode verifying unit 104. The packet (S1 packet) includes: data; anmessage authentication code generated from the data and a key possessedby the transmitting apparatus; address information of the previoussource apparatus; and address information of the ultimate destination ofthe packet (S1 packet) (ultimate-destination address).

The route-information storing unit 102 stores route information. Theroute information includes information in which the ultimate-destinationaddress and address information of a next destination for forwarding thepacket (first next destination address) are associated with each other.In addition, the information included in the route information may befurther associated with information indicating whether or not aparticular address is a forwarding target candidate (forwarding-targetcandidate information). The ultimate-destination address in thisembodiment is address information of the receiving apparatus. The routeinformation is used to determine where to forward the received packet.Another relaying apparatus or a receiving apparatus which is the nextforward destination will be referred to as a “nextforwarding-destination apparatus.”

FIG. 3 is a diagram illustrating an example of the route informationstored in the route-information storing unit 102. The route informationshown in FIG. 3 stores a goal destination (the ultimate-destinationaddress), a forwarding destination (forwarding-destination address), andinformation on whether or not the forwarding is permitted (i.e.,information indicating whether or not each particular address is aforwarding target candidate), which are associated with one another.

The key-information storing unit 103 stores a shared key shared betweenthe relaying apparatus and the transmitting apparatus, a shared keyshared between the relaying apparatus and another relaying apparatus, ora shared key shared between the relaying apparatus and the receivingapparatus.

FIG. 4 is a diagram illustrating an example of the key informationstored in the key-information storing unit 103. The capital letter “K”represents a key, and each notation including the capital letter “K” anda parenthesized string of letters means that the key is shared betweenor among apparatuses represented by capital letters which are connectedtogether with a dash (“-”). For instance, “K(B-C)” represents a sharedkey shared between the apparatuses B, C. “K(A-B-D)” represents a sharedkey shared among the apparatuses A, B, D. In FIGS. 11 and 12, asubscript letter string of “A-B-D” written immediately below and to theright of the capital letter K carries a similar meaning.

The message authentication code verifying unit 104 accepts the packetreceived by the receiving unit 101. The message authentication codeverifying unit 104 checks whether or not the received packet includes anmessage authentication code. If the received packet includes an messageauthentication code, the message authentication code verifying unit 104generates an message authentication code from both the massage includedin the packet and the shared key stored in the key-information storingunit 103. The message authentication code verifying unit carries out theverification by judging whether or not the newly generated messageauthentication code and the received message authentication code areidentical to each other. That an message authentication code identicalto the received message authentication code can be generated means thesame shared key is shared by the source apparatus and recipientapparatus of the received packet. Once it is verified that the newlygenerated message authentication code is identical to the receivedmessage authentication code, the relaying apparatus gets ready toreceive the packet.

To this end, once it is verified that the newly generated messageauthentication code is identical to the received message authenticationcode, the message authentication code verifying unit 104 passes thereceived packet on to the first processing unit 105, which will bedescribed later.

In contrast, if it is verified that the newly generated messageauthentication code is not identical to the received messageauthentication code, the message authentication code verifying unit 104sends, to the transmitting unit 112, information indicating that thereception of the packet is not permitted.

On the basis of the ultimate-destination address of the packet (receivedpacket) received by the receiving unit 101, the first processing unit105 (the route-information extracting unit) judges whether or not theroute-information storing unit 102 stores the route informationincluding the ultimate-destination address of the received packet.

If the first processing unit 105 (the route-information extracting unit)judges that the route-information storing unit 102 stores such routeinformation, the first processing unit 105 (the route-informationextracting unit) extracts one or more first next forwarding-destinationaddresses which are associated with the ultimate-destination address. Inaddition, the first processing unit 105 (the route-informationextracting unit) extracts, from the one or more extracted first nextforwarding-destination addresses, a second next forwarding-destinationaddress which is a first next forwarding-destination address being aforwarding target candidate. In this respect, if multiple second nextforwarding-destination addresses exist, the first processing unit 105(the route-information extracting unit) extracts one from the multiplesecond next forwarding-destination addresses. Subsequently, the firstprocessing unit 105 (the route-information extracting unit) outputs theextracted second next forwarding-destination address to the secondprocessing unit 106, which will be described later. Incidentally, nospecific restriction is imposed on the method of extracting one secondnext forwarding-destination address from the multiple second nextforwarding-destination addresses. For instance, the extraction may bedone following the sequence in which the second nextforwarding-destination addresses are stored in the route-informationstoring unit 102.

In the case shown in FIG. 3, for the ultimate-destination address“MDMS12 sa,” two relaying apparatuses 10 sa, 10 se are stored as thenext forwarding-destination addresses. Accordingly, these two nextforwarding-destination addresses are extracted. In addition, concerningthe item “forwarding permitted/unpermitted” (information indicatingwhether or not a particular address is a forwarding target candidate),the forwarding to the relaying apparatus 10 sa is unpermitted while theforwarding to the relaying apparatus 10 se is permitted. Accordingly,only the relaying apparatus 10 se is the address which can be theforwarding target candidate, so that the relaying apparatus 10 se isextracted.

If the first processing unit 105 (the route-information extracting unit)judges that the route-information storing unit 102 stores no routeinformation, the first processing unit 105 (the route-informationextracting unit) outputs, to the transmitting unit 112, informationindicating that the received packet is not able to be forwarded.

The second processing unit 106 judges whether or not the received packetincludes an message authentication code generated by use of the sharedkey shared between the next forwarding-destination apparatus and theprevious source apparatus. In this respect, specific examples of thecombination of the next forwarding-destination apparatus and theprevious source apparatus include: a relaying apparatus specified by thesecond next forwarding-destination address and a transmitting apparatus;a relaying apparatus specified by the second next forwarding-destinationaddress and another relaying apparatus; and a receiving apparatusspecified by the second next forwarding-destination address and anotherrelaying apparatus.

If the second processing unit 106 judges that the received packetincludes the message authentication code generated by use of the sharedkey shared between the next forwarding-destination apparatus and theprevious source apparatus, the second processing unit 106 outputs boththe received packet and the second next forwarding-destination addressto the first-packet generating unit 108.

Specific examples of the message authentication code generated by use ofthe shared key shared between the previous source apparatus and the nextforwarding-destination apparatus include: an message authentication codegenerated by use of the shared key shared between a transmittingapparatus as the previous source and a relaying apparatus as the nextdestination; an message authentication code generated by use of theshared key shared between a relaying apparatus as the previous sourceand a relaying apparatus as the next destination; and an messageauthentication code generated by use of the shared key shared between arelaying apparatus as the previous source and a receiving apparatus asthe next destination.

If the second processing unit 106 judges that the received packet doesnot include the message authentication code generated by use of theshared key shared between the next forwarding-destination apparatus andthe previous source apparatus, the second processing unit 106 outputsboth the received packet and the second next forwarding-destinationaddress to the third processing unit 107 (the key checking unit).

Specific examples of the message authentication code generated by use ofthe shared key shared between the previous source apparatus and the nextforwarding-destination apparatus include: an message authentication codegenerated by use of the shared key shared between a transmittingapparatus as the previous source and a relaying apparatus as the nextdestination; an message authentication code generated by use of theshared key shared between a relaying apparatus as the previous sourceand a relaying apparatus as the next destination; and an messageauthentication code generated by use of the shared key shared between arelaying apparatus as the previous source and a receiving apparatus asthe next destination.

Once receiving the received packet and the second nextforwarding-destination address, the third processing unit 107 (the keychecking unit) judges whether or not the key-information storing unit103 stores a shared key which is shared by the relaying apparatus of itsown and the next forwarding-destination apparatus (i.e., the apparatusspecified by the second next forwarding-destination address). Specificexamples of the shared key shared by the relaying apparatus of its ownand the next forwarding-destination apparatus include: a shared keyshared by the relaying apparatus of its own and a relaying apparatus asthe next destination apparatus; and a shared key shared by the relayingapparatus of its own and a receiving apparatus.

If the third processing unit 107 judges that the key-information storingunit 103 stores the shared key which is shared by the relaying apparatusof its own and the next forwarding-destination apparatus, the thirdprocessing unit 107 (the key checking unit) retrieves the found sharedkey from the key-information storing unit 103. Subsequently, the thirdprocessing unit 107 (the key checking unit) outputs the received packet,the second next forwarding-destination address, and the retrieved sharedkey to the message authentication code generating unit 109.

If the third processing unit 107 (the key checking unit) judges that thekey-information storing unit 103 does not store the shared key which isshared by the relaying apparatus of its own and the nextforwarding-destination apparatus, the third processing unit 107 outputsthe second next forwarding-destination address to the third-packetgenerating unit 111.

On the basis of both the received packet and the second nextforwarding-destination address received by the first-packet generatingunit 108, the first-packet generating unit 108 generates a first packetwhich is a packet including both the data included in the receivedpacket and the second next forwarding-destination address. Subsequently,the first-packet generating unit 108 outputs the generated first packetto the transmitting unit 112.

The message authentication code generating unit 109 receives thereceived packet, the second next forwarding-destination address, and theretrieved shared key (A1 shared key). On the basis of both the dataincluded in the received packet and the A1 shared key, the messageauthentication code generating unit 109 generates an messageauthentication code (A1 message authentication code). Subsequently, themessage authentication code generating unit 109 outputs the receivedpacket, the second next forwarding-destination address, and the A1message authentication code to the second-packet generating unit 110.

The second-packet generating unit 110 generates an A2 packet which is apacket including: the data included in the received packet; the secondnext forwarding-destination address; and the A1 message authenticationcode. Subsequently, the second-packet generating unit 110 outputs thegenerated A2 packet to the transmitting unit 112.

The third-packet generating unit 111 receives the second nextforwarding-destination address. Thereafter, the third-packet generatingunit 111 generates an A3 packet which is a packet including: the dataincluded in the received packet; a request to generate an authentic codewhich is expected to be generated from a shared key (A2 shared key)shared between the next forwarding-destination apparatus and theprevious source apparatus; and the second next forwarding-destinationaddress.

Alternatively, the third-packet generating unit 111 may generate the A3packet without including the request to generate the A2 shared key inthe A3 packet. In this case, on the basis of the second nextforwarding-destination address, the A2 shared key may be generated bythe previous source apparatus which receives the second nextforwarding-destination address from the transmitting unit 112, whichwill be described later.

Once receiving, from the first processing unit 105 (theroute-information checking unit), the information indicating that thereceived packet is unable to be forwarded, the transmitting unit 112sends, to the previous source apparatus, the information indicating thatthe received packet is unable to be forwarded.

Once receiving the A1 packet from the first-packet generating unit 108,the transmitting unit 112 forwards the A1 packet to the nextforwarding-destination apparatus of the second nextforwarding-destination address.

Once receiving the A2 packet from the second-packet generating unit 110,the transmitting unit 112 forwards the A2 packet to the nextforwarding-destination apparatus of the second nextforwarding-destination address.

Once receiving the A3 packet from the third-packet generating unit 111,the transmitting unit 112 forwards the A3 packet to theforwarding-destination apparatus.

Description will be turned to a case where a relaying apparatus is theprevious source apparatus (transmitting apparatus).

The receiving unit 101 receives the A3 packet, and forwards the A3packet to the third processing unit 107.

Upon receiving the A3 packet, the third processing unit 107 judgeswhether or not the key-information storing unit 103 stores the sharedkey (A2 shared key) shared by itself and the apparatus designated by thesecond next forwarding-destination address.

If the shared key (A2 shared key) shared by the third processing unit107 and the apparatus designated by the second nextforwarding-destination address is in the key-information storing unit103, the third processing unit 107 extracts the shared key (A2 sharedkey) from the key-information storing unit 103.

The third processing unit 107 outputs the A3 packet and the shared key(A2 shared key) to the message authentication code generating unit 109.

On the basis of both the data included in the A3 packet and the sharedkey (A2 shared key), the message authentication code generating unit 109generates an message authentication code (B1 message authenticationcode). Subsequently, the message authentication code generating unit 109outputs the data included in the A3 packet, the shared key (A2 sharedkey), and the message authentication code (A2 message authenticationcode) to the second-packet generating unit 110.

The second-packet generating unit 110 generates a fourth packet whichincludes the data included in the A3 packet, the shared key (A2 sharedkey), and the message authentication code (A2 message authenticationcode). Subsequently, the second-packet generating unit 110 outputs thefourth packet to the transmitting unit 112.

Next, description will be provided for how each relaying apparatus shownin FIG. 2 operates. FIG. 5 is a flowchart showing the operations of therelaying apparatus.

The receiving unit 101 receives a packet sent from a transmittingapparatus or another relaying apparatus (S101). Subsequently, thereceiving unit 101 passes the received packet to the messageauthentication code verifying unit 104.

The message authentication code verifying unit 104 checks whether or notthe received packet includes an message authentication code (S102).

If the received packet includes no message authentication code (NO instep S102), the message authentication code verifying unit 104 sends theprevious source apparatus, which is the source of the received packet, areturn message indicating that the reception is impossible (S103).

If the received packet includes the message authentication code (YES instep S102), the message authentication code verifying unit 104 forwardsthe received packet to the first processing unit 105. On the basis ofthe ultimate-destination address of the packet, the first processingunit 105 makes a judgment about the existence or absence of the routeinformation (S104).

In case of the absence of the route information, the first processingunit 105 outputs, to the transmitting unit 112, information indicatingthat the forwarding of the received packet is impossible (S105).

In case of the existence of the route information, the first processingunit 105 extracts a second next forwarding-destination address from theroute-information storing unit 102, and outputs the extracted secondnext forwarding-destination address to the second processing unit 106(S106).

The second processing unit 106 judges whether or not the received packetincludes an A1 message authentication code generated by use of theshared key (A1 shared key) shared between the nextforwarding-destination apparatus specified by the second nextforwarding-destination address and the previous source apparatus (S107).

If the second processing unit 106 judges that the received packetincludes the message authentication code (YES in step S107), both thereceived packet and the second next forwarding-destination address areoutputted to the first-packet generating unit 108.

The first-packet generating unit 108 generates an A1 packet includingboth the data included in the received packet and the second nextforwarding-destination address (S108), as well as sends the generated A1packet to the transmitting unit 112 (S109).

If the second processing unit 106 judges that the received packetincludes no A1 message authentication code (No in step S107), the thirdprocessing unit 107 judges whether or not the shared key (A1 shared key)shared between itself and the apparatus specified by the second nextforwarding-destination address is in the key-information storing unit103 (S110).

In case of the existence of the A1 shared key (YES in step S110), the A1shared key is retrieved from the key-information storing unit 103(S111). The message authentication code generating unit 109 generates anA1 message authentication code on the basis of the received packet, thesecond next forwarding-destination address, and the A1 shared key(S112). Subsequently, the second-packet generating unit 110 generates anA2 packet which includes: the data included in the received packet; theinformation on the second next forwarding-destination address; and theA1 message authentication code (S113). Then the second-packet generatingunit 110 outputs the generated A2 packet to the transmitting unit 112(S114).

In case of the absence of the A1 shared key (NO in step S110), thethird-packet generating unit 111 generates an A3 packet including boththe second next forwarding-destination address and a request to generatea shared key (A2 shared key) which is expected to be shared between thenext forwarding-destination apparatus and the previous source apparatus(S115). Subsequently, the third-packet generating unit 111 outputs thegenerated A3 packet to the transmitting unit 112 (S116).

Operations in steps S117 and S118 will be described layer.

FIG. 6 is a flowchart showing how the previous source apparatus(relaying apparatus) operates when receiving the A3 packet.

The receiving unit 101 receives the A3 packet (S201). The A3 packet isthereafter outputted from the receiving unit 101 to the third processingunit 107.

Upon receiving the A3 packet, the third processing unit 107 judgeswhether the shared key (A2 shared key) shared by itself and theapparatus designated by the second next forwarding-destination addressis in the key-information storing unit 103 (S202).

If the A2 shared key is in the key-information storing unit 103, themessage authentication code generating unit 109 generates the messageauthentication code (A2 message authentication code) on the basis ofboth the data included in the A3 packet and the shared key (A2 sharedkey) (S203). Subsequently, the message authentication code generatingunit 109 outputs the data included in the A3 packet, the shared key (A2shared key), and the message authentication code (A2 messageauthentication code) to the second-packet generating unit 110.

The second-packet generating unit 110 generates the fourth packet whichis a packet including: the data included in the A3 packet; the sharedkey (A2 shared key); and the message authentication code (A2 messageauthentication code) (S204). Subsequently, the second-packet generatingunit 110 outputs the generated fourth packet to the transmitting unit112 (S205).

If no A2 shared key is in the key-information storing unit 103, thethird processing unit 107 outputs, to the first processing unit 105,information indicating that, out of the addresses stored in theroute-information storing unit 102, the target address should be changedto an address to which the packet is not permitted to be forwarded. Thefirst processing unit 105 changes the target address, out of theaddresses stored in the route-information storing unit 102, to anaddress to which the packet is not permitted to be forwarded (S117).Subsequently, the first processing unit 105 further performs theoperations at step S104 onwards.

The relaying apparatus receives the return message indicating that thetransmission is unpermitted (S118). After that, the flow proceeds to theoperation to check the route information (S104).

FIG. 7 illustrates an example of the configuration of a smart-gridcommunication network, which is taken as an example of the use of therelaying apparatuses of the above-described embodiment. In FIG. 7, smartmeters 11 sa to 11 sc configured to calculate the electric powerconsumption communicate with MDMDs (standing for Meter Data ManagementSystems) 12 sa to 12 sc through the communication network with relayingapparatuses 10 sa to 10 sc assembling into some groups. Each MDMSreceives and stores the electric power consumption sent from the smartmeter of each of the households under the MDMS at constant intervals.

In the smart-grid communication network of this example, each packetpasses through several relaying apparatuses until the packet reaches theultimate-destination terminal apparatus after the departure from thesource terminal apparatus. To prevent DoS (denial of service) attacks,the smart meters, the relaying apparatuses, and the MDMSs performprocessing of packet authentication when packets are sent out to or flowin from the outside.

When receiving, from the smart meter 11 sa of a packet's source, arequest to relay the packet, the relaying apparatus 10 sa judges whetheror not to relay the packet to the forwarding destination of the packeton the basis of whether or not the relaying apparatus 10 sa has a sharedkey which is shared with the next relaying apparatus 10 sb. The “sharedkey” means a secret key shared between the sending party and thereceiving party. The use of the shared key enables MAC messageauthentication codes to be generated or verified. The relaying apparatus10 sa has a function of inquiring of the smart meter 11 sa about whetheror not the smart meter 11 sa has a shared key which is shared with therelaying apparatus 10 sb as the forwarding destination in a case wherethe relaying apparatus 10 sa is unable to relay the packet because therelaying apparatus 10 sa can generate no MAC message authentication codeto be used by the sending party and the receiving party due to therelaying apparatus 10 sa not having the shared key in advance. If thesmart meter 11 sa has the shared key to be shared with the relayingapparatus 10 sb, the smart meter 11 sa generates two MAC messageauthentication codes—one for the relaying apparatus 10 sa and the otherfor the relaying apparatus 10 sb. Then, the smart meter 11 sa transfersa packet to the relaying apparatus 10 sa. Once verifying the MAC messageauthentication code added to the packet, the relaying apparatus 10 satransfers, to the relaying apparatus 10 sb, the packet together with theMAC message authentication code added by the smart meter 11 sa.

Second Embodiment

Next, a second embodiment will be described.

The packet in this second embodiment includes not only the data and themessage authentication code but also information on the number of timesthe verification or the transfer is to be performed (such informationwill be referred to as the transfer-control information). Thetransfer-control information is associated with the messageauthentication code.

FIG. 8 is a diagram illustrating a configuration of an informationprocessing apparatus (a relaying apparatus in this case) of the secondembodiment.

A receiving unit 201 receives a packet sent by either a transmittingapparatus or a different relaying apparatus. In this respect, thetransmitting apparatus or the different relaying apparatus that sendsthe packet to the relaying apparatus will be referred to as a “previoussource apparatus.” The receiving unit 201 passes the received packet tothe message authentication code verifying unit 204. The packet includes:data; an message authentication code generated from the data and ashared key possessed by the transmitting apparatus; address informationof the previous source apparatus; and address information of theultimate destination of the packet (ultimate-destination address).

A route-information storing unit 202 stores route information. The routeinformation includes information that associates theultimate-destination address with address information of the destinationthat the packet is to be forwarded next (first nextforwarding-destination address). The ultimate-destination address in thecase of this embodiment is address information of the receivingapparatus. The route information is used to determine where to forwardthe received packet. Another relaying apparatus or another receivingapparatus which is the next forward destination will be referred to as a“next forwarding-destination apparatus.”

A key-information storing unit 203 stores a shared key shared betweenthe relaying apparatus and the transmitting apparatus, a shared keyshared between the relaying apparatus and another relaying apparatus, ora shared key shared between the relaying apparatus and the receivingapparatus.

If the message authentication code verifying unit 204 judges, as aresult of the message authentication code verification, that a propermessage authentication code is included in the received packet, themessage authentication code verifying unit 204 outputs the receivedpacket to a transfer-control information processing unit 205.

Upon receiving the received packet, the transfer-control informationprocessing unit 205 changes the value of the transfer-controlinformation by a predetermined method. If, as a result of the change,the resultant value satisfies a predetermined condition, thetransfer-control information is deleted from the received packet. Inthis respect, an example of the above-mentioned predetermined method isto subtract one from the value of the transfer-control informationcorresponding to the message authentication code generated by use of theshared key shared between the previous source apparatus and theapparatus of its own. If the value of the transfer-control informationbecomes zero, the transfer-control information is deleted from thereceived packet. In this respect, the above-mentioned predeterminedmethod is not limited to the above-described method of subtracting one.Alternatively, the transfer-control information may be subjected to apredetermined arithmetic operation, such as subtracting a predeterminednumber from the value of the transfer-control information or adding apredetermined number to that value. Subsequently, the transfer-controlinformation processing unit 205 outputs the post-processed receivedpacket to a first processing unit 206.

On the basis of the ultimate-destination address of the packet (receivedpacket) received by the receiving unit 201, the first processing unit206 (the route-information extracting unit) judges whether or not theroute-information storing unit 202 stores the route informationincluding the ultimate-destination address of the received packet.

If the first processing unit 206 (the route-information extracting unit)judges that the route-information storing unit 202 stores such routeinformation, the first processing unit 206 (the route-informationextracting unit) extracts one or more first next forwarding-destinationaddresses which are associated with the ultimate-destination address. Inaddition, the first processing unit 206 (the route-informationextracting unit) extracts, from the one or more extracted first nextforwarding-destination addresses, a second next forwarding-destinationaddress which is a first next forwarding-destination address being aforwarding target candidate. In this respect, if multiple second nextforwarding-destination addresses exist, the first processing unit 206(the route-information extracting unit) extracts one from the multiplesecond next forwarding-destination addresses. Subsequently, the firstprocessing unit 206 (the route-information extracting unit) outputs theextracted second next forwarding-destination address to the secondprocessing unit 207, which will be described later. Incidentally, nospecific restriction is imposed on the method of extracting one secondnext forwarding-destination address from the multiple second nextforwarding-destination addresses. For instance, the extraction may bedone following the sequence in which the second nextforwarding-destination addresses are stored in the route-informationstoring unit 202.

If the first processing unit 206 (the route-information extracting unit)judges that the route-information storing unit 202 stores no routeinformation, the first processing unit 206 (the route-informationextracting unit) outputs, to the transmitting unit 213, informationindicating that the received packet is not able to be forwarded.

The second processing unit 207 judges whether or not the received packetincludes an message authentication code generated by use of the sharedkey shared between the next forwarding-destination apparatus and theprevious source apparatus. In this respect, specific examples of thecombination of the next forwarding-destination apparatus and theprevious source apparatus include: a relaying apparatus specified by thesecond next forwarding-destination address and a transmitting apparatus;a relaying apparatus specified by the second next forwarding-destinationaddress and another relaying apparatus; and a receiving apparatusspecified by the second next forwarding-destination address and anotherrelaying apparatus.

If the second processing unit 207 judges that the received packetincludes the message authentication code generated by use of the sharedkey shared between the next forwarding-destination apparatus and theprevious source apparatus, the second processing unit 207 outputs boththe received packet and the second next forwarding-destination addressto the first-packet generating unit 209.

Specific examples of the message authentication code generated by use ofthe shared key shared between the previous source apparatus and the nextforwarding-destination apparatus include: an message authentication codegenerated by use of the shared key shared between a transmittingapparatus as the previous source and a relaying apparatus as the nextdestination; an message authentication code generated by use of theshared key shared between a relaying apparatus as the previous sourceand a relaying apparatus as the next destination; and an messageauthentication code generated by use of the shared key shared between arelaying apparatus as the previous source and a receiving apparatus asthe next destination.

If the second processing unit 207 judges that the received packet doesnot include the message authentication code generated by use of theshared key shared between the next forwarding-destination apparatus andthe previous source apparatus, the second processing unit 207 outputsboth the received packet and the second next forwarding-destinationaddress to the third processing unit 208 (the key checking unit).

Specific examples of the message authentication code generated by use ofthe shared key shared between the previous source apparatus and the nextforwarding-destination apparatus include: an message authentication codegenerated by use of the shared key shared between a transmittingapparatus as the previous source and a relaying apparatus as the nextdestination; an message authentication code generated by use of theshared key shared between a relaying apparatus as the previous sourceand a relaying apparatus as the next destination; and an messageauthentication code generated by use of the shared key shared between arelaying apparatus as the previous source and a receiving apparatus asthe next destination.

Once receiving the received packet and the second nextforwarding-destination address, the third processing unit 208 judgeswhether or not the key-information storing unit 203 stores a shared keywhich is shared between the relaying apparatus of its own and the nextforwarding-destination apparatus.

If the third processing unit 208 judges that the key-information storingunit 203 stores the shared key which is shared between the relayingapparatus of its own and the next forwarding-destination apparatus, thethird processing unit 208 retrieves the found shared key and informationon the number of times from the key-information storing unit 203.Subsequently, the third processing unit 208 outputs the received packet,the second next forwarding-destination address, the retrieved sharedkey, and the retrieved information on the number of times to the messageauthentication code/transfer-control information generating unit 210.

On the basis of both the received packet and the second nextforwarding-destination address received by the first-packet generatingunit 209, the first-packet generating unit 209 generates a first packetwhich is a packet including both the data included in the receivedpacket and the second next forwarding-destination address. Subsequently,the first-packet generating unit 209 outputs the generated first packetto the transmitting unit 213.

The message authentication code/transfer-control information generatingunit 210 receives the received packet, the second nextforwarding-destination address, the retrieved shared key, and theretrieved information on the number of times. The message authenticationcode/transfer-control information generating unit 210 generates anmessage authentication code (B1 message authentication code) on thebasis of both the data included in the received packet and the sharedkey, as well as generates transfer-control information on the basis ofthe information on the number of times. Subsequently, the messageauthentication code/transfer-control information generating unit 210outputs the received packet, the second next forwarding-destinationaddress, the generated message authentication code, and the generatedtransfer-control information to the second-packet generating unit 211.

The second-packet generating unit 211 receives the received packet, thesecond next forwarding-destination address, the generated messageauthentication code (B1 message authentication code), and the generatedtransfer-control information, as well as thus generates a packet (B2packet) which includes: the data included in the received packet; thesecond next forwarding-destination address; and the B1 messageauthentication code. Subsequently, the second-packet generating unit 211outputs the generated packet (B2 packet) to the transmitting unit 213.

The third-packet generating unit 212 receives the second nextforwarding-destination address. Thereafter, the third-packet generatingunit 212 generates an A3 packet which is a packet including: the dataincluded in the received packet; a request to generate an authentic codewhich is expected to be generated from a shared key (B2 shared key)shared between the next forwarding-destination apparatus and theprevious source apparatus; and the second next forwarding-destinationaddress.

Alternatively, the third-packet generating unit 212 may generate the A3packet without including the request to generate the B2 shared key inthe A3 packet. In this case, on the basis of the second nextforwarding-destination address, the B2 shared key may be generated bythe previous source apparatus which receives the second nextforwarding-destination address from the transmitting unit 213, whichwill be described later.

Once receiving, from the first processing unit 206 (theroute-information checking unit), the information indicating that thereceived packet is unable to be forwarded, the transmitting unit 213sends, to the previous source apparatus, the information indicating thatthe received packet is unable to be forwarded.

Once receiving the first packet from the first-packet generating unit209, the transmitting unit 213 forwards the first packet to the nextforwarding-destination apparatus of the second nextforwarding-destination address.

Once receiving the A2 packet from the second-packet generating unit 210,the transmitting unit 213 forwards the A2 packet to the nextforwarding-destination apparatus of the second nextforwarding-destination address.

Once receiving the A3 packet from the first-packet generating unit 212,the transmitting unit 213 forwards the A3 packet to the nextforwarding-destination apparatus.

Next, description will be provided for how each relaying apparatus shownin FIG. 8 operates. FIG. 9 is a flowchart schematically showing theoperations of the relaying apparatus shown in FIG. 8.

The receiving unit 201 receives a packet sent from a transmittingapparatus or another relaying apparatus (S301). Subsequently, thereceiving unit 201 passes the received packet to the messageauthentication code verifying unit 204.

The message authentication code verifying unit 204 checks whether or notthe received packet includes a message authentication code (S302).

If the received packet includes no message authentication code (NO instep S302), the message authentication code verifying unit 204 sends areturn message to the previous source apparatus which is the source ofthe received packet, indicating that the reception is impossible (S303).

If the message authentication code verifying unit 204 judges, as aresult of the message authentication code verification, that a propermessage authentication code is included in the received packet, themessage authentication code verifying unit 204 outputs the receivedpacket to the transfer-control information processing unit 205 (YES instep S302).

Upon receiving the received packet, the transfer-control informationprocessing unit 205 subtracts one from the value of the transfer-controlinformation corresponding to the message authentication code generatedby use of the shared key shared between the previous source apparatusand the very apparatus of the transfer-control information processingunit 205. If the value of the transfer-control information becomes zero,the transfer-control information is deleted from the received packet(S304). Subsequently, the transfer-control information processing unit205 outputs the post-processed received packet to the first processingunit 206. On the basis of the ultimate-destination address of thepacket, the first processing unit 206 makes a judgment about theexistence or absence of the route information (S305).

In case of the absence of the route information, the first processingunit 206 outputs, to the transmitting unit 213, information indicatingthat the forwarding of the received packet is impossible (S306).

In case of the existence of the route information, the first processingunit 206 extracts a second next forwarding-destination address from theroute-information storing unit 202, as well as outputs the receivedpacket and the second next forwarding-destination address to the secondprocessing unit 207 (S307).

The second processing unit 207 judges whether or not the received packetincludes a message authentication code generated by use of the sharedkey shared between the next forwarding-destination apparatus and theprevious source apparatus (S308).

If the second processing unit 207 judges that the received packetincludes the message authentication code (YES in step S308), both thereceived packet and the second next forwarding-destination address areoutputted to the first-packet generating unit 209.

The first-packet generating unit 209 generates a first packet includingboth the data included in the received packet and the second nextforwarding-destination address (S309), as well as sends the generatedfirst packet to the transmitting unit 213 (S310).

If it is judged that the received packet includes no messageauthentication code (No in step S308), the third processing unit 208associates the received packet and the second nextforwarding-destination address, as well as judges whether or not theshared key (B1 shared key) shared between itself and the nextforwarding-destination apparatus is in the key-information storing unit203 (S110).

If the third processing unit 208 judges that the shared key (B1 sharedkey) shared between the relaying apparatus of its own and theforwarding-destination apparatus is in the key-information storing unit203, the third processing unit 208 retrieves both the found B1 sharedkey and the information on the number of times from the key-informationstoring unit 203 (S312). Subsequently, the third processing unit 208outputs, to the message authentication code/transfer-control informationgenerating unit 210, the received packet, the second nextforwarding-destination address, the retrieved B1 shared key, and theretrieved information on the number of times.

The message authentication code/transfer-control information generatingunit 210 receives the received packet, the second nextforwarding-destination address, the retrieved B1 shared key, and theretrieved information on the number of times. The message authenticationcode/transfer-control information generating unit 210 generates amessage authentication code (B1 message authentication code) by use ofboth the data included in the received packet and the B1 shared key, aswell as generates transfer-control information on the basis of theinformation on the number of times (S313). Subsequently, the messageauthentication code/transfer-control information generating unit 210outputs the received packet, the second next forwarding-destinationaddress, the generated message authentication code, and the generatedtransfer-control information to the second-packet generating unit 211.

The second-packet generating unit 211 receives the received packet, thesecond next forwarding-destination address, the generated messageauthentication code (B1 message authentication code), and the generatedtransfer-control information. Subsequently, the second-packet generatingunit 211 generates a packet (B2 packet) including: the data included inthe received packet; the second next forwarding-destination address; andthe B1 message authentication code (S314). Thereafter, the second-packetgenerating unit 211 outputs the generated B2 packet to the transmittingunit 213 (S315).

In case of the absence of the B1 shared key (NO in step S311), thethird-packet generating unit 212 generates an B3 packet including boththe second next forwarding-destination address and a request to generatea shared key (B2 shared key) to be shared by the nextforwarding-destination apparatus and the previous source apparatus(S316). Subsequently, the third-packet generating unit 212 outputs thegenerated B3 packet to the transmitting unit 213 (S317).

Operations in steps S318 and S319 will be described layer.

FIG. 10 is a flowchart showing how the previous source apparatus(relaying apparatus) operates when receiving the B3 packet.

The receiving unit 201 receives the B3 packet (S401). The B3 packet isthereafter outputted from the receiving unit 201 to the third processingunit 208.

Upon receiving the B3 packet, the third processing unit 208 judgeswhether the shared key (B2 shared key) shared between itself and theapparatus designated by the second next forwarding-destination addressis in the key-information storing unit 203 (S202).

If the B2 shared key is in the key-information storing unit 203, themessage authentication code/transfer-control information generating unit210 receives the received packet, the second next forwarding-destinationaddress, the retrieved B2 shared key, and the information on the numberof times (S403).

Thereafter, the message authentication code/transfer-control informationgenerating unit 210 generates a message authentication code (B3 messageauthentication code) on the basis of both the data included in thereceived packet and the B2 shared key, whereas as well as generates thetransfer-control information on the basis of the information on thenumber of times (S404). Subsequently, the message authenticationcode/transfer-control information generating unit 210 outputs thereceived packet, the second next forwarding-destination address, thegenerated message authentication code (B3 message authentication code),and the generated transfer-control information to the second-packetgenerating unit 211.

The second-packet generating unit 211 receives the received packet, thesecond next forwarding-destination address, the generated messageauthentication code (B3 message authentication code), and the generatedtransfer-control information. Subsequently, the second-packet generatingunit 211 generates a packet (B4 packet) including: the data included inthe received packet, the second next forwarding-destination address; andthe B1 message authentication code (S405). Thereafter, the second-packetgenerating unit 211 outputs the generated B4 packet to the transmittingunit 213. The transmitting unit 213 transmits the B4 packet (S406).

If receiving, from another relaying apparatus which is the forwardingdestination, a return message indicating that the transmission isimpossible ((1) in FIG. 9 and (1) in FIG. 10), the relaying apparatuseschanges the target address in the route information to be an address towhich the packet is not permitted to be forwarded (S318). In addition,if the message authentication code verifying unit 204 judges that themessage authentication code is not included there (NO at step S302; (2)in FIG. 9) or if the first processing unit 206 judges that the routeinformation is not included there (NO at step S305; (2) in FIG. 9), therelaying apparatus changes the target address in the route informationto be an address to which no packet is not permitted to be forwarded(S319).

Next, an example of the operations in the second embodiment will bedescribed. FIG. 11 is a diagram illustrating a specific example of theoperations.

Each of the smart meters and the relaying apparatuses includes the means(the message authentication code/transfer-control information generatingunit 210) for setting up MAC transfer-control information together witha MAC message authentication code when the means generates the MACmessage authentication code of a packet by use of the shared key sharedbetween the meter or apparatus of its own and its communicationcounterpart. The information on whether the MAC message authenticationcode and the MAC transfer-control information should be deleted orcontinue to be transferred after the verification of the MAC messageauthentication code is described in the MAC transfer-controlinformation.

Specifically, in a case where an MAC message authentication code isgenerated by use of a shared key shared among n persons, the MAC messageauthentication code needs to be verified by the other (n−1) sharers. Forthis reason, a value “n−1” is set in the MAC transfer-controlinformation. (For instance, if an MAC message authentication code isgenerated by use of a shared key shared among three persons, the MACmessage authentication code needs to be verified twice by the other twosharers. Hence, a value “2” is set in the MAC transfer-controlinformation.) When the next terminal apparatus receives the packet andverifies the MAC message authentication code, the MAC transfer-controlinformation is updated by subtracting one from the value set in the MACtransfer-control information. If the resultant value after thesubtraction becomes zero, both the MAC message authentication code andthe value set in the MAC transfer-control information are deleted. Aslong as the value set in the MAC transfer-control information is largerthan zero, both the MAC code and the MAC transfer-control informationcontinue to be transferred to the next relaying apparatus.

In the description given below, the capital letter “K” represents a key,and each notation including the capital letter “K” and a parenthesizedstring of letters means a key shared among apparatuses represented bycapital letters which are connected together by a dash (“-”). In FIGS.11 and 12 each subscript letter string written immediately below and tothe right of the capital letter “K” represents a key shared between oramong apparatuses represented by capital letters which are connectedtogether by a dash (“-”). For instance, “K(A-B-D)” represents a sharedkey shared among the apparatuses A, B, D. In FIGS. 11 and 12 a subscriptletter string of “A-B-D” carries a similar meaning. In addition, anmessage authentication code generated by use of the key K(A-B-D) isexpressed as the MAC message authentication code MAC(A-B-D). In FIGS. 11and 12 a subscript letter string of “A-B-D” written immediately belowand to the right of an abbreviation “MAC” carries a similar meaning.

For instance, in FIG. 11, K(A-B-D) represents a shared key shared amongthe apparatuses A, B, D; K(B-C) represents a shared key shared betweenthe apparatuses B, C; and K(D-E) represents a shared key shared betweenthe apparatuses D, E.

Firstly, using a shared key K(A-B-D), the apparatus A generates an MACmessage authentication code MAC(A-B-D) needed to be verified by theapparatuses B, D. In addition, the apparatus A sets a value “2” in theMAC transfer-control information. Subsequently, the apparatus Atransfers a packet of the data to the apparatus B.

If the apparatus B can verify the MAC message authentication code by useof the shared key K(A-B-D), the apparatus B subtracts one from the valueset in the MAC transfer-control information. Subsequently, the apparatusB generates an MAC message authentication code MAC(B-C) and MACtransfer-control information by use of a shared key K(B-C) shared withthe apparatus C. Thereafter, the apparatus B transfers the packet to theapparatus C.

If the apparatus C can verify the MAC message authentication codeMAC(B-C) by use of the shared key K(B-C), the apparatus C subtracts onefrom the value set in the MAC transfer-control information.Consequently, the value set in the MAC transfer-control informationbecomes zero. For this reason, the apparatus C removes the MAC messageauthentication code MAC(B-C) from the MAC transfer-control information,and transfers the resultant packet to the apparatus D.

If the apparatus D can verify the MAC message authentication codeMAC(A-B-D) by use of the shared key K(A-B-D), the apparatus D subtractsone from the value set in the MAC transfer-control information.Consequently, the value set in the MAC transfer-control informationbecomes zero. For this reason, the apparatus D removes the MAC messageauthentication code MAC(A-B-D) from the MAC transfer-controlinformation, and generates an MAC message authentication code MAC(D-E)and MAC transfer-control information by use of the key (D-E), as well astransfers the resultant packet to the apparatus E. Thereby, theapparatus E get ready to verify the MAC message authentication codeMAC(D-E) by use of the shared key K(D-E).

In the alternative case shown in FIG. 12, the MAC transfer-controlinformation includes a name or an ID that enables the apparatusverifying each MAC message authentication code to be identified. Once anapparatus can verify a particular MAC message authentication code, theapparatus deletes its own name from the MAC transfer-controlinformation. When the MAC transfer-control information has no names, theMAC message authentication code is deleted, but not transferred to thenext apparatus. For instance, in FIG. 12, K(A-B-D) represents a sharedkey shared among the apparatuses A, B, D; K(B-C) represents a shared keyshared between the apparatuses B, C; and K(D-E) represents a shared keyshared between the apparatuses D, E.

Firstly, using a shared key K(A-B-D), the apparatus A generates an MACmessage authentication code MAC(A-B-D) needed to be verified by theapparatuses B, D. In addition, the apparatus A describes identifiers(names or the like) of the apparatus B, D in the MAC transfer-controlinformation. Subsequently, the apparatus A transfers the resultantpacket of the data to the apparatus B. If the apparatus B can verify theMAC message authentication code by use of the shared key K(A-B-D), theapparatus B removes its own identifier (name) from the MACtransfer-control information. Thereafter, the apparatus B generates anMAC message authentication code MAC(B-C) and MAC transfer-controlinformation by use of a shared key K(B-C) shared with the apparatus C.Afterward, the apparatus B transfers the resultant packet to theapparatus C.

If the apparatus C can verify the MAC message authentication codeMAC(B-C) by use of the shared key K(B-C), the apparatus C removes itsown identifier (name) from the MAC transfer-control information, andaccordingly blanks out its own identifier (name). For this reason, theapparatus C removes the MAC message authentication code MAC(B-C) fromthe MAC transfer-control info nation, and transfers the resultant packetto the apparatus D.

If the apparatus D can verify the MAC message authentication codeMAC(A-B-D) by use of the shared key K(A-B-D), the apparatus D removesits own identifier (name) from the MAC transfer-control information, andaccordingly blanks out its own identifier (name). For this reason, theapparatus D removes the MAC message authentication code MAC(A-B-D) fromthe MAC transfer-control information, and generates an MAC messageauthentication code MAC(D-E) and MAC transfer-control information by useof a key K(D-E), as well as transfer the resultant packet to theapparatus E. Thereby, the apparatus E gets ready to verify the MACmessage authentication code MAC(D-E) by use of the K(D-E).

The providing of such MAC authentication-control information makes itpossible to transfer and control an MAC message authentication codeinvolving multiple (three or more) relaying apparatuses.

The embodiments of the invention makes it possible to reduce the numberof MACs (message authentication codes) to be attached to a packet in acase where the packet, to which the MACs are attached, fails to betransferred between or among relaying apparatuses.

In addition, the overhead of the communication can be reduced, and theload of the authentication processing can be reduced as well. Besides,the risk of DoS attacks can also be reduced.

The techniques disclosed in the above-described embodiments may bedistributed by being stored, as computer-executable programs, in variouskinds of storage media such as magnetic discs (e.g., Floppy® discs, harddisk drives, etc.), optical discs (e.g., CD-RAMS, DVDs, etc.),magneto-optical discs (MOs), and semiconductor memories.

In addition, as the storage media, any type of storage is allowed aslong as the storage medium can store a program and is computer-readable.

Furthermore, an operating system (OS) and middleware such as databasemanagement software, network software which are run on a computer inaccordance with the instructions given by a program installed in thecomputer from a storage medium, may execute some part of the processingneeded to implement the embodiments.

Moreover, the storage media usable by the invention is not necessarily amedium independent of the computer. Usable storage media include astorage medium either temporarily holding or storing a downloadedprogram transmitted through a LAN, the Internet, or the like.

In addition, the number of storage media is not necessarily one. Evenwhen the processing described in the embodiments is executed by multiplemedia, the multiple storage media are included in the storage mediausable by the invention. In addition, any configuration of the media isallowable.

The computer usable by the invention is an apparatus to execute theprocessing of the embodiments in accordance with the program stored inthe storage medium. The computer may be a single apparatus such as apersonal computer, or may be a system or the like in which multipleapparatuses are connected to one another by a network.

In addition, the computer usable by the invention is not necessarily apersonal computer. The term “computer” used in the description of theinvention includes arithmetic processing units included in informationprocessing apparatuses, microcomputers, and the like. The term“computer” is a generic name given to apparatuses and systems that arecapable to implement the functions of the invention on a basis of aprogram.

Some embodiments of the invention have been described, but thoseembodiments are described for the illustrative purposes only, not forthe purpose of restricting the scope of the invention. Those novelembodiments can be carried out in various other forms. Various kinds ofomission, replacement, and modification can be made without departingfrom the spirit of the invention. Such other embodiments and themodifications thereof are included in the scope and the spirit of theinvention, and also in the invention described in the claims and itsequivalents.

1. An information processing apparatus comprising: a receiving unitconfigured to receive a packet sent from a first apparatus, the packetincluding data and an ultimate destination address which representsaddress information of an ultimate destination; a route informationstoring unit configured to store the ultimate destination address and afirst next destination address in association with each other, the firstnext destination address representing information on an address of anext forwarding destination; a key information storing unit configuredto store a first shared key, which is a key shared between theinformation processing apparatus of its own and a different informationprocessing apparatus; a first processing unit configured to judge, onthe basis of the received ultimate destination address, whether or notthe route information storing unit stores a second next destinationaddress, which is the first next destination address being a forwardingtarget candidate; a second processing unit configured to judge whetheror not a received packet includes an message authentication code for thesecond next destination address, on the basis of the received packet andthe second next destination address, in the case where theroute-information storing unit stores the second next destinationaddress; a first packet generating unit configured to generate a firstpacket on a basis of the received packet and the second next destinationaddress in the case where the received packet includes the messageauthentication code for the second next destination address; a thirdprocessing unit configured to judge whether or not the key informationstoring unit stores a second shared key, which is a first shared keyshared between the information processing apparatus of its own andanother information processing apparatus specified by the second nextdestination address, in the case where the received packet does notinclude the message authentication code for the second next destinationaddress; a message authentication code generating unit configured togenerate a first message authentication code on a basis of the data andthe second shared key in the case where the key information storing unitstores the second shared key; a second packet generating unit configuredto generate a second packet including the ultimate destination address,the data, and the first message authentication code; a third packetgenerating unit configured to generate a third packet, which includes anext destination and information indicating that the generation of anmessage authentication code is impossible, in the case where the keyinformation storing unit does not store the second shared key; and atransmitting unit configured to transmit one of the first packet, thesecond packet or the third packet.
 2. The apparatus according to claim1, wherein the receiving unit further receives, from a second apparatus,a fourth packet including: the second next destination addressrepresenting address information of a next destination to which thesecond apparatus is to forward a packet; and information indicating thatthe generation of an message authentication code is impossible, the keyinformation judging unit further judges whether or not the keyinformation storing unit stores a second shared key, which is a keyshared between the information processing apparatus of its own and theinformation processing apparatus specified by the second nextdestination address, in the case of storing the second shared key, themessage authentication code generating unit generates a second messageauthentication code on a basis of the data and the second shared key,and generates a fifth packet including the ultimate destination address,the data, the first message authentication code and the second messageauthentication code, and in the case of storing the second shared key,the transmitting unit transmits the fifth packet to the secondapparatus.
 3. An information processing apparatus comprising: areceiving unit configured to receive a first packet sent from a firstapparatus, the first packet including data, an message authenticationcode and an ultimate-destination address representing addressinformation of an ultimate destination; a message authentication codeverifying unit configured to verify whether or not the received packetincludes a proper message authentication code; a route informationstoring unit configured to store the ultimate destination address and afirst next destination address in association with each other, the firstnext destination address representing address information of a nextforwarding destination; a transfer control information processing unitconfigured to change a value set in transfer control information by apredetermined method if a result of the verification shows that thereceived packet includes the proper message authentication code; a firstprocessing unit configured to judge, on the basis of the receivedultimate-destination address, whether or not the route informationstoring unit stores a second next destination address, which is thefirst next destination address being a forwarding target candidate; asecond processing unit configured to judge whether or not a receivedpacket, includes an message authentication code for the second nextdestination address, on the basis of the received packet and the secondnext destination address in the case where the route information storingunit stores the second next destination address; a key informationstoring unit configured to store a first shared key, which is a keyshared between the information processing apparatus of its own and adifferent information processing apparatus; a first packet generatingunit configured to generate a first packet on a basis of the receivedpacket and the second next destination address in the case where thereceived packet includes the message authentication code for the secondnext destination address; a third processing unit configured to judgewhether or not the key information storing unit stores a second sharedkey, which is a first shared key shared between the informationprocessing apparatus of its own and another information processingapparatus specified by the second next destination address, in the casewhere the received packet does not include the message authenticationcode for the second next destination address; a message authenticationcode generating unit configured to generate a first messageauthentication code on a basis of the data and the first shared key inthe case where the key-information storing unit stores the second sharedkey; a second packet generating unit configured to generate a secondpacket including the ultimate destination address, the data, and thefirst message authentication code; a third packet generating unitconfigured to generate a third packet, which includes a next destinationand information indicating that the generation of an messageauthentication code is impossible, in the case where the key-informationstoring unit does not stores the first shared key; and a transmittingunit configured to transmit one of the first packet, the second packetor the third packet.
 4. An information processing method to relay datafrom a source apparatus to an ultimate destination apparatus via a relayapparatus comprising: receiving a packet; judging the existence of theroute information stored in a route information storing unit, based on aultimate destination address of the packet; extracting a next forwardingdestination address from the route information storing unit in the caseof the existence of the route information; judging whether the receivedpacket includes an message authentication code regarding the nextforwarding destination apparatus specified by the second next forwardingdestination address and the source apparatus; in the case where thereceived packet does not include the message authentication code,judging whether a shared key shared between the relay apparatus and thenext forwarding destination apparatus is stored in a key informationstoring unit; and in the case of the absence of the shared key,generating a request packet including the next forwarding destinationaddress and a request to generate a new shared key to be shared betweenthe next forwarding destination apparatus and the source apparatus. 5.The method according to claim 4, further comprising: verifying whetheror not the received packet includes an message authentication code; andsending a return message indicating that the reception is impossible tothe source apparatus, if the received packet includes no messageauthentication code,
 6. The method according to claim 5, furthercomprising; outputting information indicating that the forwarding of thereceived packet is impossible in the case of the absence of the routeinformation.
 7. The method according to claim 4, further comprising:generating a relay packet including the data included in the receivedpacket and the next forwarding destination address, if the receivedpacket includes the message authentication code; and transmitting therelay packet.
 8. The method according to claim 4, further comprising: inthe case of the existence of the shared key, generating a messageauthentication code on the basis of the received packet, the nextforwarding destination address and the shared key; generating a relaypacket which includes the received packet, the information on the secondnext forwarding-destination address and the generated messageauthentication code; and transmitting the relay packet.
 9. The methodaccording to claim 4, further comprising: receiving the request packetat the source apparatus; and upon receiving the request packet, judgingwhether the shared key shared by source apparatus and the nextforwarding destination apparatus is existence in the source apparatus.10. The method according to claim 9, further comprising: generating themessage authentication code based on the request packet and the sharedkey, if the shared key is existence at the source apparatus; generatinga fourth packet which includes the data included in the request packet,the shared key and the generated message authentication code; andtransmitting the fourth packet.
 11. The method according to claim 10,further comprising: if no shared key is existed at the source apparatus,outputting information indicating that the next forwarding destinationaddress should be changed to an address where the packet is not permitto be forwarded.
 12. The method according to claim 11, furthercomprising: verifying whether the received packet includes the messageauthentication code; and if the received packet includes the correctmessage authentication code, processing transfer control information soas to reduce the value of the transfer control information correspondingto the message authentication code generated by the shared key sharedbetween the source apparatus and the relay apparatus.
 13. The methodaccording to claim 12, further comprising: if the value of the transfercontrol information is less than a predetermined value, deleting thetransfer control information from the received packet
 14. The methodaccording to claim 4, wherein said extracting step further extracts aplurality of first next forwarding destination addresses which areassociated with the ultimate-destination address, and extracts, from aplurality of the extracted first next forwarding-destination addresses,the next forwarding destination address which is a forwarding target.